fix(company-profile): replace :param::jsonb with CAST(:param AS JSONB)
CI / detect-changes (push) Successful in 9s
CI / branch-name (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / secret-scan (push) Has been skipped
CI / dep-audit (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / build-sha-integrity (push) Failing after 4s
CI / validate-canonical-controls (push) Successful in 10s
CI / loc-budget (push) Failing after 14s
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / nodejs-build (push) Has been skipped
CI / test-go (push) Has been skipped
CI / iace-gt-coverage (push) Has been skipped
CI / test-python-backend (push) Successful in 28s
CI / test-python-dsms-gateway (push) Has been skipped
CI / test-python-document-crawler (push) Has been skipped
CI / detect-changes (push) Successful in 9s
CI / branch-name (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / secret-scan (push) Has been skipped
CI / dep-audit (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / build-sha-integrity (push) Failing after 4s
CI / validate-canonical-controls (push) Successful in 10s
CI / loc-budget (push) Failing after 14s
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / nodejs-build (push) Has been skipped
CI / test-go (push) Has been skipped
CI / iace-gt-coverage (push) Has been skipped
CI / test-python-backend (push) Successful in 28s
CI / test-python-dsms-gateway (push) Has been skipped
CI / test-python-document-crawler (push) Has been skipped
SQLAlchemy's text() parser treats `:name::jsonb` ambiguously when the
trailing `::jsonb` follows immediately — psycopg2 receives the literal
`:name::jsonb` string and raises a SyntaxError because `:` isn't a
psycopg2 placeholder syntax.
The fix uses ANSI CAST(:name AS JSONB) which is semantically identical
in PostgreSQL but lets SQLAlchemy unambiguously substitute the
parameter.
Effects: PATCH and POST/upsert on /api/v1/company-profile now actually
update the row. Before this fix both endpoints returned 500 (or 200
with stale data) and never persisted edits.
Files touched:
- _company_profile_sql.py (build_upsert_params / execute_update /
execute_insert): 12 JSONB columns
- company_profile_service.py: PATCH dynamic JSONB column,
audit log insert
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Benjamin Admin
@@ -73,24 +73,24 @@ def execute_update(
|
||||
text(f"""UPDATE compliance_company_profiles SET
|
||||
company_name = :company_name, legal_form = :legal_form,
|
||||
industry = :industry, founded_year = :founded_year,
|
||||
business_model = :business_model, offerings = :offerings::jsonb,
|
||||
offering_urls = :offering_urls::jsonb,
|
||||
business_model = :business_model, offerings = CAST(:offerings AS JSONB),
|
||||
offering_urls = CAST(:offering_urls AS JSONB),
|
||||
company_size = :company_size, employee_count = :employee_count,
|
||||
annual_revenue = :annual_revenue,
|
||||
headquarters_country = :hq_country, headquarters_country_other = :hq_country_other,
|
||||
headquarters_street = :hq_street, headquarters_zip = :hq_zip,
|
||||
headquarters_city = :hq_city, headquarters_state = :hq_state,
|
||||
has_international_locations = :has_intl,
|
||||
international_countries = :intl_countries::jsonb,
|
||||
target_markets = :target_markets::jsonb, primary_jurisdiction = :jurisdiction,
|
||||
international_countries = CAST(:intl_countries AS JSONB),
|
||||
target_markets = CAST(:target_markets AS JSONB), primary_jurisdiction = :jurisdiction,
|
||||
is_data_controller = :is_controller, is_data_processor = :is_processor,
|
||||
uses_ai = :uses_ai, ai_use_cases = :ai_use_cases::jsonb,
|
||||
uses_ai = :uses_ai, ai_use_cases = CAST(:ai_use_cases AS JSONB),
|
||||
dpo_name = :dpo_name, dpo_email = :dpo_email,
|
||||
legal_contact_name = :legal_name, legal_contact_email = :legal_email,
|
||||
machine_builder = :machine_builder::jsonb, is_complete = :is_complete,
|
||||
repos = :repos::jsonb, document_sources = :document_sources::jsonb,
|
||||
processing_systems = :processing_systems::jsonb,
|
||||
ai_systems = :ai_systems::jsonb, technical_contacts = :technical_contacts::jsonb,
|
||||
machine_builder = CAST(:machine_builder AS JSONB), is_complete = :is_complete,
|
||||
repos = CAST(:repos AS JSONB), document_sources = CAST(:document_sources AS JSONB),
|
||||
processing_systems = CAST(:processing_systems AS JSONB),
|
||||
ai_systems = CAST(:ai_systems AS JSONB), technical_contacts = CAST(:technical_contacts AS JSONB),
|
||||
subject_to_nis2 = :subject_to_nis2, subject_to_ai_act = :subject_to_ai_act,
|
||||
subject_to_iso27001 = :subject_to_iso27001,
|
||||
supervisory_authority = :supervisory_authority,
|
||||
@@ -122,17 +122,17 @@ def execute_insert(
|
||||
subject_to_nis2, subject_to_ai_act, subject_to_iso27001,
|
||||
supervisory_authority, review_cycle_months)
|
||||
VALUES (:tid, :pid, :company_name, :legal_form, :industry, :founded_year,
|
||||
:business_model, :offerings::jsonb, :offering_urls::jsonb,
|
||||
:business_model, CAST(:offerings AS JSONB), CAST(:offering_urls AS JSONB),
|
||||
:company_size, :employee_count, :annual_revenue,
|
||||
:hq_country, :hq_country_other,
|
||||
:hq_street, :hq_zip, :hq_city, :hq_state,
|
||||
:has_intl, :intl_countries::jsonb,
|
||||
:target_markets::jsonb, :jurisdiction,
|
||||
:is_controller, :is_processor, :uses_ai, :ai_use_cases::jsonb,
|
||||
:has_intl, CAST(:intl_countries AS JSONB),
|
||||
CAST(:target_markets AS JSONB), :jurisdiction,
|
||||
:is_controller, :is_processor, :uses_ai, CAST(:ai_use_cases AS JSONB),
|
||||
:dpo_name, :dpo_email, :legal_name, :legal_email,
|
||||
:machine_builder::jsonb, :is_complete, {completed_at_sql},
|
||||
:repos::jsonb, :document_sources::jsonb, :processing_systems::jsonb,
|
||||
:ai_systems::jsonb, :technical_contacts::jsonb,
|
||||
CAST(:machine_builder AS JSONB), :is_complete, {completed_at_sql},
|
||||
CAST(:repos AS JSONB), CAST(:document_sources AS JSONB), CAST(:processing_systems AS JSONB),
|
||||
CAST(:ai_systems AS JSONB), CAST(:technical_contacts AS JSONB),
|
||||
:subject_to_nis2, :subject_to_ai_act, :subject_to_iso27001,
|
||||
:supervisory_authority, :review_cycle_months)"""),
|
||||
params,
|
||||
|
||||
@@ -146,7 +146,7 @@ def log_audit(
|
||||
text(
|
||||
"INSERT INTO compliance_company_profile_audit "
|
||||
"(tenant_id, project_id, action, changed_fields, changed_by) "
|
||||
"VALUES (:tenant_id, :project_id, :action, :fields::jsonb, :changed_by)"
|
||||
"VALUES (:tenant_id, :project_id, :action, CAST(:fields AS JSONB), :changed_by)"
|
||||
),
|
||||
{
|
||||
"tenant_id": tenant_id,
|
||||
@@ -318,7 +318,7 @@ class CompanyProfileService:
|
||||
continue
|
||||
param_name = f"p_{key}"
|
||||
if key in _JSONB_FIELDS:
|
||||
set_parts.append(f"{key} = :{param_name}::jsonb")
|
||||
set_parts.append(f"{key} = CAST(:{param_name} AS JSONB)")
|
||||
params[param_name] = json.dumps(value) if value is not None else None
|
||||
else:
|
||||
set_parts.append(f"{key} = :{param_name}")
|
||||
|
||||
Reference in New Issue
Block a user